blob: faf0ce13238e4f3e113e2d351300c54bd351ddfb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
{ config, lib, options, pkgs, ... }:
with lib;
let
cfg = config.services.pgpkeyserver-lite;
sksCfg = config.services.sks;
sksOpt = options.services.sks;
webPkg = cfg.package;
in
{
options = {
services.pgpkeyserver-lite = {
enable = mkEnableOption "pgpkeyserver-lite on a nginx vHost proxying to a gpg keyserver";
package = mkOption {
default = pkgs.pgpkeyserver-lite;
defaultText = literalExpression "pkgs.pgpkeyserver-lite";
type = types.package;
description = "
Which webgui derivation to use.
";
};
hostname = mkOption {
type = types.str;
description = "
Which hostname to set the vHost to that is proxying to sks.
";
};
hkpAddress = mkOption {
default = builtins.head sksCfg.hkpAddress;
defaultText = literalExpression "head config.${sksOpt.hkpAddress}";
type = types.str;
description = "
Wich ip address the sks-keyserver is listening on.
";
};
hkpPort = mkOption {
default = sksCfg.hkpPort;
defaultText = literalExpression "config.${sksOpt.hkpPort}";
type = types.int;
description = "
Which port the sks-keyserver is listening on.
";
};
};
};
config = mkIf cfg.enable {
services.nginx.enable = true;
services.nginx.virtualHosts = let
hkpPort = builtins.toString cfg.hkpPort;
in {
${cfg.hostname} = {
root = webPkg;
locations = {
"/pks".extraConfig = ''
proxy_pass http://${cfg.hkpAddress}:${hkpPort};
proxy_pass_header Server;
add_header Via "1.1 ${cfg.hostname}";
'';
};
};
};
};
}
|